Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
Why is my VPN "spoofing"
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
Why is my VPN "spoofing" - 29.Oct.2007 5:51:01 PM
|
|
|
dam4742
Posts: 2
Joined: 29.Oct.2007
Status: offline
|
I'm having trouble getting ISA VPN to work correctly. I'm using Enterprise Edition with a two ISA server array and a back end configuration server. The array is NLB'd inside and out between ISA01 and ISA02. ISACS01 is the configuration server.
I have my Enterprise network defined as
10.2.0.0-10.2.0.100,
10.2.0.121-10.2.0.255
Because I am using a multi-server array, DHCP is not an option for VPN address assignment. Instead, I have defined the static addresses:
10.2.0.101-10.2.0.110 ISA01
10.2.0.111-10.2.0.120 ISA02
I manually set the advanced settings to force my DNS and WINS to 10.2.0.10.
I connect quickly to the VPN from an outside Windows client - no problem. When I try to ping an address on the Internal network, 10.2.0.50 I get ONE reply almost immediately, then nothing. In the ISA log, I see the Denied Connection error, but do not understand what is happening:
Source: Internal (10.2.0.50)
Destination: VPN Clients (10.2.0.112)
Protocol: Unidentified IP Traffic (ICMP:0)
Result code: 0xc0040014 FWX_E_FWE_SPOOFING_PACKET_DROPPED
Why is this spoofing? Clearly, one IP is on the Internal network, and the other is on the VPN network? Any ideas would be greatly appreciated.
Thanks,
Dale Maxfield
dmaxfield@technicalvelocity.com
|
|
|
|
RE: Why is my VPN "spoofing" - 29.Oct.2007 7:25:34 PM
|
|
|
dam4742
Posts: 2
Joined: 29.Oct.2007
Status: offline
|
Oops, meant to post this under VPN.
I found a "workaround" that has resolved my issue: http://support.microsoft.com/kb/838114/
-Dale
|
|
|
|
|
RE: Why is my VPN "spoofing" - 4.Nov.2007 7:00:17 AM
|
|
|
elmajdal
Posts: 5061
Joined: 16.Sep.2004
From: Lebanese in Kuwait
Status: offline
|
Hi,
Glad that you found what u were looking for, and thanks for the follow up.
_____________________________
Tarek Majdalani
MS Forefront Edge Security MVP
Website : http://www.elmajdal.net/ISAServer
New Section : http://www.elmajdal.net/Win2k8
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
